mirror of
https://github.com/ArcticFoxes-net/ONC-Converter
synced 2024-12-21 16:01:34 -05:00
Split the big constructOnc
function into parts
The parts are * convertKeys * convertToOnce * constructOnc
This commit is contained in:
parent
225b541cb6
commit
1b2ed32529
@ -158,6 +158,11 @@
|
||||
(val.charAt(0) === "'" && val.slice(-1) === "'"))
|
||||
}
|
||||
|
||||
/**
|
||||
* This function is supposed to prevent any exploits via the object keys
|
||||
*
|
||||
* It's probably complete overkill.
|
||||
*/
|
||||
function makeSafe (val, doUnesc) {
|
||||
val = (val || '').trim()
|
||||
if (isQuoted(val)) {
|
||||
@ -202,25 +207,28 @@
|
||||
}
|
||||
|
||||
/**
|
||||
* Construct the ONC structure from the name, the parsed ovpn file and the keys
|
||||
* Convert the keys from the parsed OVPN file into ONC keys
|
||||
*
|
||||
* @param {string} name Name of the connection
|
||||
* @param {Object} ovpn The parsed OVPN file
|
||||
* @param {Object} keys Strings with keys, indexed by key name
|
||||
* @return {Object} The converted ONC structure
|
||||
* @param {Object} ovpn The parsed OVPN file
|
||||
* @return {Object} ONC parameters and a list of converted certificates
|
||||
*/
|
||||
function constructOnc (name, ovpn, keys) {
|
||||
if (!ovpn.client) {
|
||||
console.warn('Is this a server file?')
|
||||
}
|
||||
function convertKeys (keys, ovpn) {
|
||||
let params = {}
|
||||
|
||||
|
||||
// Add certificates
|
||||
let certs = []
|
||||
let [cas, caGuids] = createCerts(keys, ovpn['ca'], 'Authority')
|
||||
|
||||
// Server certificate
|
||||
// TODO: check whether the type should be 'Authority'
|
||||
let [cas, caGuids] = constructCerts(keys, ovpn['ca'], 'Authority')
|
||||
params['ServerCARefs'] = caGuids
|
||||
certs = certs.concat(cas)
|
||||
let [clientCerts, clientCertGuids] = createCerts(keys, ovpn['cert'], 'Authority')
|
||||
|
||||
// Client certificate
|
||||
// TODO: handle other types of client certificates
|
||||
let [clientCerts, clientCertGuids] = constructCerts(keys, ovpn['cert'],
|
||||
'Authority')
|
||||
if (clientCerts) {
|
||||
params['ClientCertType'] = 'Pattern'
|
||||
params['ClientCertPattern'] = {
|
||||
@ -230,6 +238,32 @@
|
||||
} else {
|
||||
params['ClientCertType'] = 'None'
|
||||
}
|
||||
|
||||
// TLS auth
|
||||
if (ovpn['tls-auth']) {
|
||||
let authKey = ovpn['tls-auth'].split(' ')
|
||||
let keyString = keys[authKey[0]]
|
||||
if (!keyString) {
|
||||
alert("Please provide the file '" + authKey[0] + "' in 'Certificates and keys'")
|
||||
}
|
||||
params['TLSAuthContents'] = convertKey(keyString)
|
||||
if (authKey[1]) params['KeyDirection'] = authKey[1]
|
||||
}
|
||||
return [params, certs]
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Convert the parsed ovpn file into the ONC structure
|
||||
*
|
||||
* @param {Object} ovpn The parsed OVPN file
|
||||
* @return {Array} An array with the host and an object with the parameters
|
||||
*/
|
||||
function convertToOnc (ovpn) {
|
||||
if (!ovpn.client) {
|
||||
console.warn('Is this a server file?')
|
||||
}
|
||||
let params = {}
|
||||
|
||||
// Add parameters
|
||||
let remote = ovpn.remote.split(' ')
|
||||
@ -242,15 +276,6 @@
|
||||
params['CompLZO'] = 'false'
|
||||
}
|
||||
if (ovpn['persist-key']) params['SaveCredentials'] = true
|
||||
if (ovpn['tls-auth']) {
|
||||
let authKey = ovpn['tls-auth'].split(' ')
|
||||
let keyString = keys[authKey[0]]
|
||||
if (!keyString) {
|
||||
alert("Please provide the file '" + authKey[0] + "' in 'Certificates and keys'")
|
||||
}
|
||||
params['TLSAuthContents'] = convertKey(keyString)
|
||||
if (authKey[1]) params['KeyDirection'] = authKey[1]
|
||||
}
|
||||
if (ovpn['verify-x509-name']) {
|
||||
const x509String = ovpn['verify-x509-name']
|
||||
let x509 = {}
|
||||
@ -294,6 +319,24 @@
|
||||
conditionalSet('auth', 'Auth')
|
||||
conditionalSet('auth-retry', 'AuthRetry')
|
||||
conditionalSet('reneg-sec', 'RenegSec', 'int')
|
||||
|
||||
return [host, params]
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Construct the ONC structure from the name, the parsed ovpn file and the keys
|
||||
*
|
||||
* @param {string} name Name of the connection
|
||||
* @param {Object} ovpn The parsed OVPN file
|
||||
* @param {Object} keys Strings with keys, indexed by key name
|
||||
* @return {Object} The converted ONC structure
|
||||
*/
|
||||
function constructOnc (name, ovpn, keys) {
|
||||
let [host, params] = convertToOnc(ovpn)
|
||||
let [certParams, certs] = convertKeys(keys, ovpn)
|
||||
// merge parameters
|
||||
params = Object.assign({}, params, certParams)
|
||||
|
||||
// Put together network configuration
|
||||
let config = {
|
||||
@ -351,8 +394,17 @@
|
||||
}
|
||||
return cas
|
||||
}
|
||||
|
||||
function createCerts (keys, certName, certType) {
|
||||
|
||||
/**
|
||||
* Construct certificates in the ONC format
|
||||
*
|
||||
* @param {Object} keys Strings with keys, indexed by key name
|
||||
* @param {string} certName The index for the keys object
|
||||
* @param {string} certType Type of the certificate: 'Authority', 'Client' or
|
||||
* 'Server'
|
||||
* @return {Array} An array of certificates and an array of corresponding IDs
|
||||
*/
|
||||
function constructCerts (keys, certName, certType) {
|
||||
let certs = []
|
||||
let certGuids = []
|
||||
if (certName) {
|
||||
|
Loading…
Reference in New Issue
Block a user